Founded in 2002 Prometheus Global and possessing unmatched expertise gained from homeland security, federal and commercial backgrounds, the Prometheus Global team advanced their skills and methods at the White House, Department of Defense, the United States Nuclear Regulatory Commission, Cisco Systems, Bell Atlantic and the Wheel Group amongst others.

Prometheus Global, Inc.

Prometheus Global is a full-service security consulting and services firm specializing in Risk Management, Vulnerability Assessments, Penetration Testing, Incident Control and Response, advanced persistent threats and integrated security solutions. Additionally, Prometheus Global has been a leader across the Federal government in security and governance programs. Prometheus Global is the parent company for the other three divisions:

Shortly after the birth of Prometheus Global, Atomicorp Industries (http://www.atomicorp.com) was brought to life. Atomicorp is the software product arm of the Prometheus Global family, providing solutions which incorporate much of the research conducted by Got Root Labs, and driven by the customer needs encountered by the Prometheus Global. Atomicorp is currently home to “Tortuga”, a full-featured anti-spam solution currently in use at the Department of the Interior, and in Commercial Hosting facilities. The project developed out of the initial need to establish an anti-spam gateway for multiple downstream mail servers (Lotus Notes, Microsoft Exchange). It has since been expanded to include anti-virus, anti-spyware/malware, backup/failover mail services, and email escrow capabilities. The system is self-healing, clusterable, and requires minimal maintenance.

Atomicorp is released version 2.0 of our cutting-edge security product: Atomic Secured Linux (ASL). ASL is a Linux security solution which incorporates a hardened kernel with userspace Intrusion Prevention Systems (IPS), Role Based Access Controls, Layer 7 protocol protections, Virtual Patching, anti-spam enhancements, a vulnerability scanner, a compliance scanner and more. ASL is designed to secure web application, shared and virtual hosting environment against attacks at all layers of the system.

The design of ASL approaches securing the server, and its applications, by using an application layer firewall to filter out malicious content before it reaches the application. The hardened kernel subsystems further enhance the overall security model by enforcing file and process level security policies on the system. And the vulnerability and compliance scanners help to ensure the system is meeting outside mandates for secure configuration, such as PCI, FISMA and others. The vulnerability scanner also has a “healing” mode, which will fix any problems it detects on the system. ASL systems can self-correct to meet new compliance requirements, and to adjust the security posture of the system to meet new threats and to reconfigure the system automatically to be more secure.

Atomicorp is finalizing testing for a new Enterprise Unified Threat Management system, which is in use at select commercial customers to automatically quarantine infected, vulnerable or simply non-compliant systems or users that violate policies of their member networks. The system allows for an organization to implement a low-cost, simple-to-use system to respond to security incidents, and to work with users to correct out-of-policy behavior. The system is designed for organizations with limited security resources, and demanding userbases. It is currently in use at several high profile organizations and is being used to protect them against highly structured threats.

Got Root Labs

Got Root Labs (http://www.gotroot.com) was created in 1998 by Michael and Scott Shinn, the founders of Prometheus Global, as an independent security research group. The mission of Got Root Labs was to research innovative defensive and offensive security methods. They have pioneered new approaches to security, such as physical penetration testing, virtual patching, and Intrusion Detection systems. Another innovation of Got Root Labs is distributed vulnerability assessments through light weight automatically deployed “dumb agents”, and later through direct remote-command control of systems.

Got Root is currently the home of the world’s largest database of signatures, rules and countermeasures against SQL injection, Cross Site Scripting (XSS), metacharacter attacks, remote code inclusion, XML schema attacks, buffer overflows, LDAP injection, dangling pointer attacks and other application and web based attacks. It is also the leading research lab in the new field of “Just in Time” or “Virtual” patching (JTIP). JITP is a method of developing virtual patches for applications before a vendor has released a security fix. Got Root Labs have been producing JIT patches for over four years. JITP allows an end-user of the vulnerable application to continue to use it in a secure manner, without a requirement to wait for the vendor to release an official patch. In many cases where JITP is properly deployed, the user may never need to patch the application. Got Root Labs also researches new approaches to data privacy, steganography and traffic analysis attacks. Our researchers are also heavily involved in researching the cutting-edge field of data privacy. They are currently researching new areas of data privacy such as translucent databases, token-based cashless systems, and real-time communications methodologies, such as Chaum Mixes, Type II and III remailers, Onion Skin Routing and other approaches to real-time and distributed data privacy.

Got Root Labs was brought into the Prometheus Global family in 2003, and merged with Atomicorp in 2009.

The Prometheus Global is privately held and is headquartered outside of Washington, DC. with staff located throughout the United States.